Honda Exposes 26,000 Records of North American Customers (Dec 18, 2019)
Security Discovery researcher Bob Diachenko discovered a misconfigured Elasticsearch cluster in early December. The database was discovered on December 11th as it was indexed by the BinaryEdge Internet-connected device search engine. Honda’s security team in Japan has secured the publicly accessible server, but over 26,000 North American vehicle owner records containing Personally Identifiable Information (PII) were exposed. Information including; name, email address, mailing address, phone numbers and Vehicle related data including service information was accessible. No financial information such as credit card data were exposed.
Recommendation: Despite efforts to secure an enterprise environment, a single human error (such as a misconfigured database) can lead to organisational exposure. Data breaches such as this one serves to remind businesses that cyber security is a constant effort; monitoring, detecting, securing, preventing and responding to threats. Organisations should regularly review and audit their security controls to detect and remediate any accidental as well as malicious risk. Especially when it concerns personally identifiable information (PII). Any storage of customer data should be checked for confidentiality, availability and integrity of that data.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.